Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Network+ Guide to Networks Third Edition Chapter 13: Ensuring Integrity and Availability Objectives: Identify the characteristics of a network that keep data safe from loss or damage Protect an enterprise-wide network from viruses Network + 2 Objectives: (continued) Explain network- and system-level faulttolerance techniques Discuss issues related to network backup and recovery strategies Describe the components of a useful disaster recovery plan Network + 3 What are Integrity and Availability? • Integrity refers to the soundness of a network’s programs, data, services, devices, and connections. • Availability of a file or system refers to how consistently and reliably it can be accessed by authorized personnel Network + 4 What are Integrity and Availability? (continued) • General guidelines for protecting your network • Allow only network administrators to create or modify NOS and application system files Network + 5 What are Integrity and Availability? (continued) • Monitor the network for unauthorized access or changes • Record authorized system changes in a change management system • Install redundant components Network + 6 What are Integrity and Availability? (continued) • General guidelines for protecting your network (continued) • Perform regular health checks on the network • Check system performance, error logs, and the system log book regularly Network + 7 What are Integrity and Availability? (continued) • Keep backups, boot disks, and emergency repair disks current and available • Implement and enforce security and disaster recovery policies Network + 8 Viruses • A virus is a program that replicates itself with the intent to infect more computers • Other unwanted and potentially destructive programs are called viruses, but technically do not meet the criteria used to define a virus • Program that disguises itself as something useful but actually harms your system is called a Trojan horse Network + 9 Viruses (continued) • Types of Viruses • Boot sector viruses, Macro viruses, File-infected viruses, Worms, Trojan horse, Network viruses, Bots • Virus Characteristics • Encryption, Stealth, Polymorphism, Timedependence Network + 10 Viruses (continued) • Virus Protection • Antivirus Software • Suspecting a virus • Unexplained increases in file sizes • Significant, unexplained decline in system performance • Unusual error messages • Significant, unexpected loss of system memory • Fluctuations in display quality Network + 11 Viruses (continued) • Virus Protection • Antivirus Software • Antivirus software should perform • Signature scanning • Integrity checking • Monitoring of unexpected file changes Network + 12 Viruses (continued) • Virus Protection • Antivirus Software • Antivirus software should perform (continued) • Regular updates and modifications • Consistently report only valid viruses • Heuristic scanning -- most fallible Network + 13 Viruses (continued) • Virus Protection • Antivirus Policies • Virus detection and cleaning software that regularly scans for viruses • Users not allowed to alter or disable • Users know what to do • Antivirus team appointed maintaining antivirus measures Network + 14 Viruses (continued) • Virus Protection • Antivirus Policies (continued) • Users prohibited from installing any unauthorized software • System-wide alerts issued • Virus Hoaxes • Type of rumor consists of a false alert about a • dangerous, new virus Verify a possible hoax Network + 15 Fault Tolerance • The capacity for a system to continue performing despite an unexpected hardware or software malfunction • Failure is a deviation from a specified level of system performance for a given period of time • Fault involves the malfunction of one component of a system Network + 16 Fault Tolerance (continued) • Environment • Analyze the physical environment in which your devices operate • Power • Power Flaws • Surge—A momentary increase in voltage • Noise—A fluctuation in voltage levels • Brownout—A momentary decrease in voltage • Blackout—A complete power loss Network + 17 Fault Tolerance (continued) • Power (continued) • Uninterruptible Power Supplies (UPSs) • Prevents A/C power from harming device or interrupting its services • Standby UPS provides continuous voltage to a device by switching • Online UPS providing power to a network device through its battery Network + 18 Fault Tolerance (continued) Network + 19 Fault Tolerance (continued) • Which UPS is right for your network • Amount of power needed • Period of time to keep a device running • Line conditioning • Cost • Generators • If your organization cannot withstand a power loss you might consider investing in an electrical generator for your building Network + 20 Fault Tolerance (continued) • Topology and Connectivity • Each physical topology inherently assumes certain • advantages and disadvantages Supplying multiple paths data can use to travel from any one point to another Network + 21 Fault Tolerance (continued) Network + 22 Fault Tolerance (continued) Network + 23 Fault Tolerance (continued) Network + 24 Fault Tolerance (continued) Network + 25 Fault Tolerance (continued) • Servers • Server Mirroring • Mirroring is a fault-tolerance technique in which one device or component duplicates the activities of another • In server mirroring, one server continually duplicates the transactions and data storage of another Network + 26 Fault Tolerance (continued) • Network + 27 Fault Tolerance (continued) • Servers • Clustering • Fault-tolerance technique that links multiple servers together to act as a single server Network + 28 Fault Tolerance (continued) • Storage • Redundant Array of Independent (or Inexpensive) Disks (RAID) • Collection of disks that provide fault tolerance for shared data and applications • Hardware RAID • Set of disks and a separate disk controller • Software RAID • Software to implement and control RAID Network + 29 Fault Tolerance (continued) • Storage • RAID (continued) • RAID Level 0—Disk Striping RAID Level 0 • data is written in 64 KB blocks equally across all disks in the array Network + 30 Fault Tolerance (continued) Network + 31 Fault Tolerance (continued) • Storage • RAID (continued) • RAID Level 1—Disk Mirroring RAID Level 1 • provides redundancy through a process called disk mirroring Network + 32 Fault Tolerance (continued) Network + 33 Fault Tolerance (continued) • Storage • RAID (continued) • RAID Level 3—Disk Striping with Parity ECC RAID Level 3 • Involves disk striping with a special error correction code (ECC) Network + 34 Fault Tolerance (continued) Network + 35 Fault Tolerance (continued) Network + 36 Fault Tolerance (continued) • Storage • RAID (continued) • RAID Level 5—Disk Striping with Distributed Parity • Highly fault-tolerant • Data is written in small blocks across several disks • Parity error checking information is distributed among the disks Network + 37 Fault Tolerance (continued) Network + 38 Fault Tolerance (continued) • Storage • Network Attached Storage • specialized storage device or group of storage devices that provides centralized fault-tolerant data storage for a network Network + 39 Fault Tolerance (continued) Network + 40 Fault Tolerance (continued) • Storage • Storage Area Networks (SANs) • Distinct networks of storage devices that communicate directly with each other and with other networks Network + 41 Fault Tolerance (continued) Network + 42 Data Backup • A backup is a copy of data or program files created for archiving or safekeeping • Tape Backups • Copying data to a magnetic tape Network + 43 Data Backup (continued) Network + 44 Data Backup (continued) • Tape Backups (continued) • Select the appropriate tape backup solution • Sufficient storage capacity • Proven to be reliable • Data error-checking techniques • Is the system quick enough Network + 45 Data Backup (continued) • Tape Backups (continued) • Select the appropriate tape backup solution • Tape drive, software, and media cost • Hardware and software be compatible with existing network • Frequent manual intervention • Accommodate your network’s growth Network + 46 Data Backup (continued) • Online Backups • Companies on the Internet now offer to back up data over the Internet Network + 47 Data Backup (continued) • Backup Strategy • What data must be backed up • What kind of rotation schedule • When will the backups occur • How will you verify Network + 48 Data Backup (continued) • Backup Strategy (continued) • Where will backup media be stored • Who will take responsibility • How long will you save backups • Where will backup and recovery documentation be stored Network + 49 Data Backup (continued) • Backup Strategy (continued) • Different backup methods • Full backup • Incremental backup • Differential backup Network + 50 Data Backup (continued) Network + 51 Disaster Recovery • A disaster recovery plan should identify a disaster recovery team • Contact for emergency coordinators • Which data and servers are being backed up • Network topology, redundancy, and agreements • Regular strategies for testing • A plan for managing the crisis Network + 52 Chapter Summary • Integrity refers to the soundness of your • • • • network’s files, systems, and connections Several basic measures can be employed to protect data and systems A virus is a program that replicates itself Boot sector viruses position their code in the boot sector Macro viruses take the form of a macro Network + 53 Chapter Summary (continued) • File-infected viruses attach themselves to • • • • executable files Network viruses take advantage of network protocols A virus bot is a virus that spreads automatically between systems Worms are not technically viruses A Trojan horse claims to do something useful but instead harms Network + 54 Chapter Summary (continued) • Any type of virus may have additional • • characteristics that make it harder to detect and eliminate A good antivirus program should be able to detect viruses through signature scanning, integrity checking, and heuristic scanning Antivirus software is merely one piece of the puzzle in protecting your network Network + 55 Chapter Summary (continued) • A virus hoax is a false alert about a • dangerous, new virus A failure is a deviation from a specified level of system performance for a given period of time Network + 56 Chapter Summary (continued) • A fault is the malfunction of one • component of a system Fault tolerance is a system’s capacity to continue performing despite an unexpected hardware or software malfunction Network + 57 Chapter Summary (continued) • Networks cannot tolerate power loss or • • less than optimal power A UPS is a battery power source directly attached to one or more devices and to a power supply A standby UPS provides continuous voltage to a device by switching Network + 58 Chapter Summary (continued) • An online UPS uses the A/C power from • the wall outlet to continuously charge its battery For utmost fault tolerance in power supply, a generator is necessary Network + 59 Chapter Summary (continued) • Network topologies such as a full mesh • • WAN or a star-based LAN with a parallel backbone offer the greatest fault tolerance Hot swappable components can be changed (or swapped) while a machine is still running (hot) Critical servers often contain redundant components Network + 60 Chapter Summary (continued) • Utilizing a second, identical server to • duplicate the transactions and data storage of one server is called server mirroring Server clustering links multiple servers together to act as a single server Network + 61 Chapter Summary (continued) • An important storage redundancy feature • • is a Redundant Array of Independent (or Inexpensive) Disks (RAID) Network attached storage (NAS) is a dedicated storage device A storage area network (SAN) is a distinct network of multiple storage devices and servers Network + 62 Chapter Summary (continued) • A backup is a copy of data or program • • files created for archiving or safekeeping A popular, economical method for backing up networked systems is tape backup You can also back up data over the Internet Network + 63 Chapter Summary (continued) • The aim of a good backup rotation scheme • is to provide excellent data reliability Every organization should have a disaster recovery team Network + 64